Bernie, I also read this attack can exploit *many* types of graphics files. Did the report you read say JPG files are the "preferred" target? I wonder what the "safest" graphics formats will be?
Some related links are included in my previous post: Subject: Serious new Windows vulnerability Date: Thu, 29 Dec 2005 18:12:57 -0800 <http://peach.ease.lsoft.com/scripts/wa.exe?A2=ind0512e&L=win-home&T=0&P=2383> Do you have a link or reference to the report you are referring to? Bill At 02:20 PM 12/31/2005, Bernie Cosell wrote: > >Just saw a report that there's a new attack exploiting the wmf >vulnerability that *cannot* be detected by _any_ curren AV package. What >it does is generate a random file [with extension .jpg] and buries the >offending call someplace in the middle of the file, preceded by random >junk. It current cannot be detected by any AV package, and because of >the [random] way the file is structured, the folks reporting it are >skeptical that they'll be able to develop effective signatures *at*all* >for this one. --- -- ---------------------------------------- WIN-HOME Archives: http://PEACH.EASE.LSOFT.COM/archives/WIN-HOME.html Contact the List Owner about anything: [EMAIL PROTECTED] Official Win-Home List Members Profiles Page http://www.besteffort.com/winhome/Profiles.html
